PC Magazine SecurityWatch

4 ways to protect your privacy while playing online games.

Views expressed in this cybersecurity and cybercrime update are those of the reporters and correspondents.  Accessed on 28 September 2022, 0322 UTC. Content provided by email subscription to "PC Magazine SecurityWatch."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGqQmNcnBlpVMppwkVzgbFRcVbb

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts

https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)

PCMag SecurityWatch
4 Ways to Protect Your Privacy While Playing Online Games
The Call of Duty: Modern Warfare II open beta kicked off this past weekend, and as players give their first impressions of gameplay mechanics via social media, the company that publishes the game, Activision, is collecting their data and using it to sell products. It's not a big secret, as the company lays out its data collection and retention policies in its privacy policy

Activision's privacy document is extensive, but is written in a way that's easy to understand and contains links to help users opt out of their targeted mobile advertising program. In the past, I've asked readers to check out privacy policies before using mobile apps. Here, I'm telling online gamers the steps you should take to keep your their data private while you play.

Why Game Developers Want Your Data

As noted by writers from the Brookings Institution in an article examining data-driven video game design, today's game companies collect a lot of data about their players to improve the playing experience for everyone. In the case of Activision, the company notes in its privacy policy that players should expect surveillance when it comes to their in-game chats or voice communications, as those may be monitored for anti-cheat, anti-fraud, and anti-toxicity purposes. 

If you're playing an Activision game and running other software on your gaming device simultaneously, Activision may monitor and record that activity. My initial reaction to this kind of tracking was negative. However, a quick Twitter search yields complaints from Call of Duty: Modern Warfare II players regarding others using software to cheat during the open beta. I think anti-cheat monitoring is necessary for everyone to have an equitable and fun gaming experience, so I'm okay with that kind of in-game observation by the company.

How Game Companies Collect and Lose Your Personal Information

I have less of a problem with player activity monitoring by game companies and more of a concern with the amount of data the companies keep about their players. The more player information companies retain, the more data there is for hackers to steal during inevitable data breach incidents. 

Earlier this year, a criminal breached the Neopets database, potentially exposing payment and personal information connected to almost 70 million accounts. In a statement, the Neopets website confirmed the hack and informed users that the information stolen might include the following: "...data provided when registering for or playing Neopets, including name, email address, username, date of birth, gender, IP address, Neopets PIN, hashed password, as well as data about a player's pet, gameplay, and other information provided to Neopets."

The online security research site TechRobot recently published a report analyzing top game developers' privacy policies. TechRobot found that over half of the online game developers examined in the study retain data concerning who gamers play with, and nearly 90% of the game companies collect information gleaned from in-game chats.

The most egregious data collector in TechRobot's report is Riot Games, the company behind the wildly popular free-to-play title League of Legends. Riot Games last reported a data breach back in 2013, when approximately 120,000 transaction records were accessed. I looked into the game's privacy policy and confirmed that Riot Games automatically collects information such as a player's IP address, geographic location, ISP, and chat logs. Riot also collects all the information players provide voluntarily, such as demographic information, hobbies, favorite games, and contact lists.

Riot collects a lot of personal information, and it's exactly the kind of stuff that bad actors want when they're hatching their identity theft schemes. In the aftermath of a data breach, it's easy for criminals to combine all of those disparate pieces of personally identifiable information to create a victim profile. The crooks then use these data profiles to impersonate their victims and open up lines of credit in their names or create fake social media profiles used to scam the people in their contact lists.

How to Protect Your Data When Playing Online Games

Below are a few ways you can reduce your online data footprint while still playing the games you love:

  1. Unlink your social media accounts. Many game companies, including the ones I've mentioned above, monitor all your in-game communications, which sometimes extends to social media posts. For example, according to their privacy policy, Riot Games gathers social data from users who link their Facebook accounts to their Riot Games accounts.

  2. Use a VPN while you play. A VPN is a privacy tool that can hide your IP address, thus concealing your geographical location and changing your DNS information. Remember that some games ban players from VPN use for location-locked release dates or region-locked in-game items. Since latency and speed can be affected by their use, we've rounded up a list of the best VPNs for gaming.

  3. Use a password manager to create and store your game account credentials. When the game company's servers are hacked in the future, you will be sitting pretty, knowing you created a unique password for that gaming account, so your other accounts won't be in danger of being compromised by reused passwords.

  4. Enable multi-factor authentication on your account. MFA secures your account by ensuring hackers need something you have (such as a hardware token or cell phone) or something you are (such as your fingerprint) in addition to something you know (such as a password), to access your account details.

Get this from a friend? Get it delivered to your inbox weekly. Sign up for the SecurityWatch newsletter.

What Else Is Happening in the Security World This Week?

This Malware Can Infect Your PC With Over 20 Malicious Programs. The NullMixer malware can download a large number of Trojans to a PC all at once, according to antivirus provider Kaspersky.

UK Police May Have Arrested Hacker Behind GTA 6 Leak. Police in London say they've nabbed a 17-year-old on suspicion of hacking crimes.

Twitter: Our Password Reset Function Failed to Log Users Out of Devices. It blames the now-resolved problem on a bug that was accidentally introduced last year.

Meta Sued for Tracking iOS Users Even If They've Opted Out. The lawsuit also claims the Facebook app violates state and federal laws.

Use the Google App to Request Removal of Search Results With Personal Info. Search result removals can now be requested via Google's Android app for some users.

Save $50 on IPVanish VPN
If you buy something from our links, we may get a commission from the sale. Learn more here.
33% off NordPass Password Manager 2-Year Premium Plan
 Just $1.99/mo  

Tech Companies Look to HBCUs to Expand US Cybersecurity Workforce
The demand for trained cybersecurity employees is massive, despite cybersecurity being one of the best-paid careers in tech, according to a 2020 study. At the same time, recent research from EdWeek revealed students in small and high-poverty school districts are significantly less likely to be exposed to cybersecurity education. That means lower-income and minority students have significantly fewer pathways to the cybersecurity field as a career.

Now big tech companies are starting programs at historically Black colleges and universities to recruit the cybersecurity professionals of the future. It’s work already being done by one software engineer at Microsoft who started an interview workshop at a university thanks to a collaborative effort by his employer, the school, and the students. Click here to find out what he says other tech employees can do to increase diversity at their companies.

Keep It Secret, Keep It Safe: The Best Privacy-Minded Gifts for Your Paranoid Pals

Got a New PC? 11 Things to Do Right Away

Morgan Stanley Discarded Old Hard Drives Without Deleting Customer Data First

Free Decryptor Released for LockerGoga Ransomware

Chrome, Edge Enhanced Spelling Features Are Exposing Your Personal Information

Want more deals like these delivered to your inbox?
Pre-order OnePlus 10T 5G Unlocked Android 6.7" 120Hz AMOLED Phone w/ 16GB RAM, 256GB Storage & 125W SuperVOOC Charging
*Ships Sept 29, 2022
$749.99 $629.99  

Apple AirPods Pro w/ MagSafe Charging Case
$249.00 $179.99  

Meta Portal TV Smart Video Calling Device (Group Calls on Your TV)
$149.00 $49.00  

Meta Portal Go 10" Touchscreen Portable Smart Video Calling Device with Battery
$199.00 $99.00  

All product and deal information such as discount, price and availability are believed to be accurate as of the time of publication. Please verify these details with the merchant site and check the merchant's terms and conditions before you buy. Publisher is not responsible for errors or omissions.


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.